Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: iKoCAk8ALHVhGCtCP/PJPjSaxSdKQIFe2kwcIKBFFck=
Subject key identifier: 74:2C:19:7F:45:92:D0:A1:67:BA:3F:A8:31:C4:DF:2F:7C:CD:0C:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2234B8CF684777BFB5E31AC09D9EBC45100D378F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Fri 26 Sep 2025 20:11:15 +0000
ROA not before: Fri 26 Sep 2025 20:11:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:34:b8:cf:68:47:77:bf:b5:e3:1a:c0:9d:9e:bc:45:10:0d:37:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 20:11:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=186affe20cbf7441a4ef7043f9720a6d9b3ee68a5c4d6636f6e17eec6c8d94b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ad:13:57:02:7a:8f:31:8c:1b:b6:55:62:49:
fa:1d:e0:94:34:ad:e9:63:37:88:cf:93:e6:d5:a8:
68:a0:8f:aa:a9:63:9c:ce:46:37:9a:44:c5:df:d9:
a7:66:4d:44:29:5f:a4:56:42:f2:b9:17:72:86:e0:
02:7f:06:6a:81:d1:ec:02:d7:73:09:1e:df:a8:af:
08:b0:9a:14:10:57:4f:f0:81:23:a5:c1:a2:d7:f0:
9b:c5:f0:69:7b:1e:e7:2c:91:21:4b:0f:47:66:cd:
ba:c6:b8:19:1f:13:9b:9a:72:90:fd:45:c8:5c:3e:
84:ab:39:4e:bd:f7:13:5e:a4:a0:a3:f5:0a:c5:53:
a3:1c:f8:32:75:eb:26:74:92:0d:9e:db:81:b5:01:
77:a7:8f:ba:af:46:25:03:59:71:57:0e:87:27:92:
9f:ac:de:a5:cf:c2:2a:a4:00:3d:bb:d5:9b:cd:c3:
b0:bc:c8:36:fb:6d:b1:e5:ef:ae:c4:47:7f:5a:a9:
f1:36:af:73:23:60:e2:4c:e1:8c:e6:fe:61:ee:29:
dd:c2:22:e0:68:ed:02:41:b2:01:dd:fe:a2:69:fc:
ae:e7:11:2f:7f:6d:fe:24:d9:d1:ac:05:c6:07:50:
8c:89:0a:53:c2:02:69:45:21:7d:ee:51:da:39:45:
35:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2C:19:7F:45:92:D0:A1:67:BA:3F:A8:31:C4:DF:2F:7C:CD:0C:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
77:43:e2:6f:1b:52:22:58:6e:6c:44:88:e9:cd:09:59:f5:13:
58:ba:9d:42:93:3e:dd:fd:14:f3:91:ff:24:cf:4d:5f:e3:c3:
19:5c:c7:75:55:04:55:f5:19:6b:d7:8b:67:e2:d7:dd:99:0b:
be:84:88:84:5a:da:8d:92:13:ad:92:fb:be:95:ea:38:5d:46:
5f:fd:7f:df:59:07:59:9c:d8:ba:f8:22:db:64:e8:57:d9:0e:
5e:c4:1c:92:45:3c:c0:dd:87:e3:70:e2:ad:1c:89:d8:60:d9:
7c:c6:eb:e7:99:40:67:70:00:85:c0:e8:d0:5d:ad:3a:33:55:
09:35:09:42:14:da:de:8c:7a:13:fc:1e:4e:56:52:45:d3:d1:
43:6f:81:fa:92:51:5b:e4:d5:5d:9b:a1:97:84:72:fb:63:50:
df:3b:66:41:2a:f5:2a:8e:d6:ba:4a:61:78:3f:38:62:3f:ce:
57:0d:76:76:71:7d:8e:af:16:a9:d6:0e:93:53:9e:e2:34:1a:
2d:26:c1:b8:bd:49:43:16:f5:52:96:a4:1d:97:f0:7a:f0:8b:
e8:67:fb:e6:d5:c8:5c:c0:cb:57:52:90:e0:2e:6e:e6:a2:88:
6d:e5:a6:19:df:29:af:b1:20:08:38:64:ff:f5:a7:73:63:4b:
f3:d5:99:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIjS4z2hHd7+14xrAnZ68RRANN48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYyMDExMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4NmFmZmUyMGNiZjc0NDFhNGVmNzA0M2Y5NzIwYTZkOWIzZWU2OGE1YzRk
NjYzNmY2ZTE3ZWVjNmM4ZDk0YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKtE1cCeo8xjBu2VWJJ+h3glDSt6WM3iM+T5tWoaKCPqqljnM5GN5pExd/Z
p2ZNRClfpFZC8rkXcobgAn8GaoHR7ALXcwke36ivCLCaFBBXT/CBI6XBotfwm8Xw
aXse5yyRIUsPR2bNusa4GR8Tm5pykP1FyFw+hKs5Tr33E16koKP1CsVToxz4MnXr
JnSSDZ7bgbUBd6ePuq9GJQNZcVcOhyeSn6zepc/CKqQAPbvVm83DsLzINvttseXv
rsRHf1qp8TavcyNg4kzhjOb+Ye4p3cIi4GjtAkGyAd3+omn8rucRL39t/iTZ0awF
xgdQjIkKU8ICaUUhfe5R2jlFNfMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0LBl/
RZLQoWe6P6gxxN8vfM0MojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQB3Q+JvG1IiWG5sRIjpzQlZ9RNYup1Ckz7d/RTz
kf8kz01f48MZXMd1VQRV9Rlr14tn4tfdmQu+hIiEWtqNkhOtkvu+leo4XUZf/X/f
WQdZnNi6+CLbZOhX2Q5exBySRTzA3YfjcOKtHInYYNl8xuvnmUBncACFwOjQXa06
M1UJNQlCFNrejHoT/B5OVlJF09FDb4H6klFb5NVdm6GXhHL7Y1DfO2ZBKvUqjta6
SmF4PzhiP85XDXZ2cX2Orxap1g6TU57iNBotJsG4vUlDFvVSlqQdl/B68IvoZ/vm
1chcwMtXUpDgLm7mooht5aYZ3ymvsSAIOGT/9adzY0vz1Zlu
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:53:26 2025 by rpki-client